1*e7b1675dSTing-Kang Chang#!/bin/bash 2*e7b1675dSTing-Kang Chang# Copyright 2021 Google LLC 3*e7b1675dSTing-Kang Chang# 4*e7b1675dSTing-Kang Chang# Licensed under the Apache License, Version 2.0 (the "License"); 5*e7b1675dSTing-Kang Chang# you may not use this file except in compliance with the License. 6*e7b1675dSTing-Kang Chang# You may obtain a copy of the License at 7*e7b1675dSTing-Kang Chang# 8*e7b1675dSTing-Kang Chang# http://www.apache.org/licenses/LICENSE-2.0 9*e7b1675dSTing-Kang Chang# 10*e7b1675dSTing-Kang Chang# Unless required by applicable law or agreed to in writing, software 11*e7b1675dSTing-Kang Chang# distributed under the License is distributed on an "AS IS" BASIS, 12*e7b1675dSTing-Kang Chang# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13*e7b1675dSTing-Kang Chang# See the License for the specific language governing permissions and 14*e7b1675dSTing-Kang Chang# limitations under the License. 15*e7b1675dSTing-Kang Chang################################################################################ 16*e7b1675dSTing-Kang Chang 17*e7b1675dSTing-Kang Changset -euo pipefail 18*e7b1675dSTing-Kang Chang 19*e7b1675dSTing-Kang Chang############################################################################# 20*e7b1675dSTing-Kang Chang# Tests for hybrid encryption example. 21*e7b1675dSTing-Kang Chang############################################################################# 22*e7b1675dSTing-Kang Chang 23*e7b1675dSTing-Kang ChangCLI="$1" 24*e7b1675dSTing-Kang ChangPUBLIC_KEYSET_FILE="$2" 25*e7b1675dSTing-Kang ChangPRIVATE_KEYSET_FILE="$3" 26*e7b1675dSTing-Kang Chang 27*e7b1675dSTing-Kang ChangINPUT_FILE="${TEST_TMPDIR}/example_data.txt" 28*e7b1675dSTing-Kang Chang 29*e7b1675dSTing-Kang Changecho "This is some message to be encrypted." > "${INPUT_FILE}" 30*e7b1675dSTing-Kang Chang 31*e7b1675dSTing-Kang Chang############################################################################# 32*e7b1675dSTing-Kang Chang 33*e7b1675dSTing-Kang Chang# A helper function for getting the return code of a command that may fail 34*e7b1675dSTing-Kang Chang# Temporarily disables error safety and stores return value in $TEST_STATUS 35*e7b1675dSTing-Kang Chang# Usage: 36*e7b1675dSTing-Kang Chang# % test_command somecommand some args 37*e7b1675dSTing-Kang Chang# % echo $TEST_STATUS 38*e7b1675dSTing-Kang Changtest_command() { 39*e7b1675dSTing-Kang Chang set +e 40*e7b1675dSTing-Kang Chang "$@" 41*e7b1675dSTing-Kang Chang TEST_STATUS=$? 42*e7b1675dSTing-Kang Chang set -e 43*e7b1675dSTing-Kang Chang} 44*e7b1675dSTing-Kang Chang 45*e7b1675dSTing-Kang Changprint_test() { 46*e7b1675dSTing-Kang Chang echo "+++ Starting test $1..." 47*e7b1675dSTing-Kang Chang} 48*e7b1675dSTing-Kang Chang 49*e7b1675dSTing-Kang Chang############################################################################# 50*e7b1675dSTing-Kang Chang 51*e7b1675dSTing-Kang Changprint_test "test_encrypt_decrypt_succeeds" 52*e7b1675dSTing-Kang Chang 53*e7b1675dSTing-Kang Chang# Run encryption 54*e7b1675dSTing-Kang Changtest_command ${CLI} --mode=encrypt --keyset_path="${PUBLIC_KEYSET_FILE}" \ 55*e7b1675dSTing-Kang Chang --input_path="${INPUT_FILE}" --output_path="${INPUT_FILE}.ciphertext" 56*e7b1675dSTing-Kang Chang 57*e7b1675dSTing-Kang Changif (( TEST_STATUS == 0 )); then 58*e7b1675dSTing-Kang Chang echo "+++ Encryption successful." 59*e7b1675dSTing-Kang Changelse 60*e7b1675dSTing-Kang Chang echo "--- Encryption failed." 61*e7b1675dSTing-Kang Chang exit 1 62*e7b1675dSTing-Kang Changfi 63*e7b1675dSTing-Kang Chang 64*e7b1675dSTing-Kang Chang# Run decryption 65*e7b1675dSTing-Kang Changtest_command ${CLI} --mode=decrypt --keyset_path="${PRIVATE_KEYSET_FILE}" \ 66*e7b1675dSTing-Kang Chang --input_path="${INPUT_FILE}.ciphertext" --output_path="${INPUT_FILE}.plaintext" 67*e7b1675dSTing-Kang Chang 68*e7b1675dSTing-Kang Changif (( TEST_STATUS == 0 )); then 69*e7b1675dSTing-Kang Chang echo "+++ Decryption successful." 70*e7b1675dSTing-Kang Changelse 71*e7b1675dSTing-Kang Chang echo "--- Decryption failed." 72*e7b1675dSTing-Kang Chang exit 1 73*e7b1675dSTing-Kang Changfi 74*e7b1675dSTing-Kang Chang 75*e7b1675dSTing-Kang Changcat "${INPUT_FILE}" 76*e7b1675dSTing-Kang Changcat "${INPUT_FILE}.plaintext" 77*e7b1675dSTing-Kang Changcmp --silent "${INPUT_FILE}" "${INPUT_FILE}.plaintext" 78*e7b1675dSTing-Kang Chang 79*e7b1675dSTing-Kang Chang 80*e7b1675dSTing-Kang Chang############################################################################# 81*e7b1675dSTing-Kang Chang 82*e7b1675dSTing-Kang Changprint_test "test_encrypt_decrypt_succeeds_with_context" 83*e7b1675dSTing-Kang Chang 84*e7b1675dSTing-Kang Chang# Run encryption 85*e7b1675dSTing-Kang ChangCONTEXT_INFORMATION="context information" 86*e7b1675dSTing-Kang Changtest_command ${CLI} --mode=encrypt --context_info="${CONTEXT_INFORMATION}" \ 87*e7b1675dSTing-Kang Chang --keyset_path="${PUBLIC_KEYSET_FILE}" --input_path="${INPUT_FILE}" \ 88*e7b1675dSTing-Kang Chang --output_path="${INPUT_FILE}.ciphertext" 89*e7b1675dSTing-Kang Chang 90*e7b1675dSTing-Kang Changif (( TEST_STATUS == 0 )); then 91*e7b1675dSTing-Kang Chang echo "+++ Encryption successful." 92*e7b1675dSTing-Kang Changelse 93*e7b1675dSTing-Kang Chang echo "--- Encryption failed." 94*e7b1675dSTing-Kang Chang exit 1 95*e7b1675dSTing-Kang Changfi 96*e7b1675dSTing-Kang Chang 97*e7b1675dSTing-Kang Chang# Run decryption 98*e7b1675dSTing-Kang Changtest_command ${CLI} --mode=decrypt --context_info="${CONTEXT_INFORMATION}" \ 99*e7b1675dSTing-Kang Chang --keyset_path="${PRIVATE_KEYSET_FILE}" --input_path="${INPUT_FILE}.ciphertext" \ 100*e7b1675dSTing-Kang Chang --output_path="${INPUT_FILE}.plaintext" 101*e7b1675dSTing-Kang Chang 102*e7b1675dSTing-Kang Changif (( TEST_STATUS == 0 )); then 103*e7b1675dSTing-Kang Chang echo "+++ Decryption successful." 104*e7b1675dSTing-Kang Changelse 105*e7b1675dSTing-Kang Chang echo "--- Decryption failed." 106*e7b1675dSTing-Kang Chang exit 1 107*e7b1675dSTing-Kang Changfi 108*e7b1675dSTing-Kang Chang 109*e7b1675dSTing-Kang Changcmp --silent "${INPUT_FILE}" "${INPUT_FILE}.plaintext" 110*e7b1675dSTing-Kang Chang 111*e7b1675dSTing-Kang Chang############################################################################# 112*e7b1675dSTing-Kang Chang 113*e7b1675dSTing-Kang Changprint_test "test_encrypt_decrypt_fails_with_context" 114*e7b1675dSTing-Kang Chang 115*e7b1675dSTing-Kang Chang# Run encryption 116*e7b1675dSTing-Kang ChangCONTEXT_INFORMATION="context information" 117*e7b1675dSTing-Kang Changtest_command ${CLI} --mode=encrypt --context_info="${CONTEXT_INFORMATION}" \ 118*e7b1675dSTing-Kang Chang --keyset_path="${PUBLIC_KEYSET_FILE}" --input_path="${INPUT_FILE}" \ 119*e7b1675dSTing-Kang Chang --output_path="${INPUT_FILE}.ciphertext" 120*e7b1675dSTing-Kang Chang 121*e7b1675dSTing-Kang Changif (( TEST_STATUS == 0 )); then 122*e7b1675dSTing-Kang Chang echo "+++ Encryption successful." 123*e7b1675dSTing-Kang Changelse 124*e7b1675dSTing-Kang Chang echo "--- Encryption failed." 125*e7b1675dSTing-Kang Chang exit 1 126*e7b1675dSTing-Kang Changfi 127*e7b1675dSTing-Kang Chang 128*e7b1675dSTing-Kang Chang# Run decryption 129*e7b1675dSTing-Kang Changtest_command ${CLI} --mode=decrypt --keyset_path="${PRIVATE_KEYSET_FILE}" \ 130*e7b1675dSTing-Kang Chang --input_path="${INPUT_FILE}.ciphertext" --output_path="${INPUT_FILE}.plaintext" 131*e7b1675dSTing-Kang Chang 132*e7b1675dSTing-Kang Changif (( TEST_STATUS == 1 )); then 133*e7b1675dSTing-Kang Chang echo "+++ Decryption failed as expected." 134*e7b1675dSTing-Kang Changelse 135*e7b1675dSTing-Kang Chang echo "--- Decryption succeeded but expected to fail." 136*e7b1675dSTing-Kang Chang exit 1 137*e7b1675dSTing-Kang Changfi 138*e7b1675dSTing-Kang Chang 139*e7b1675dSTing-Kang Chang############################################################################# 140*e7b1675dSTing-Kang Chang 141*e7b1675dSTing-Kang Changprint_test "test_encrypt_fails_with_wrong_keyset" 142*e7b1675dSTing-Kang Chang 143*e7b1675dSTing-Kang Chang# Run encryption 144*e7b1675dSTing-Kang Changtest_command ${CLI} --mode=encrypt --keyset_path="${PRIVATE_KEYSET_FILE}" \ 145*e7b1675dSTing-Kang Chang --input_path="${INPUT_FILE}" --output_path="${INPUT_FILE}.ciphertext" 146*e7b1675dSTing-Kang Chang 147*e7b1675dSTing-Kang Changif (( TEST_STATUS == 1 )); then 148*e7b1675dSTing-Kang Chang echo "+++ Encryption failed as expected." 149*e7b1675dSTing-Kang Changelse 150*e7b1675dSTing-Kang Chang echo "--- Encryption succeeded but expected to fail." 151*e7b1675dSTing-Kang Chang exit 1 152*e7b1675dSTing-Kang Changfi 153